nsp found vulnerability

[oskaryil]

node security check just found a new vulnerability in passport-jwt which goes down to jsonwebtoken > joi > hoek. https://nodesecurity.io/advisories/566

[daraghking]

v8 of jsonwebtoken dropped the Joi dependency. I ran the tests on an updated dependency (v8.1.1) and they all pass.

This might be useful: https://github.com/auth0/node-jsonwebtoken/wiki/Migration-Notes:-v7-to-v8

[thiagobustamante]

Any news? It is breaking my build, once nsp is failing

[thiagobustamante]

@themikenicholson, Can I send a Pull Request to fix it?

[mikenicholson]

Fixed by 4.0.0 release. Closing.

Apologies for taking so long to get to this.